Accessible Canada Act (ACA) Compliance

What is ACA Compliance? 

The Accessible Canada Act (ACA) is Canada’s federal accessibility law, designed to create a Canada without barriers by 2040. The ACA became law in 2019 and has long required covered organizations to take a programmatic approach to accessibility—through planning, feedback, and progress reporting.  

However, in 2025 Canada introduced new Digital Accessibility requirements. These new requirements build on the original foundation by adding more specific expectations for web pages, training, and recordkeeping, and (for some organizations) mobile apps, digital documents, procurement checks, and accessibility statements—with compliance milestones beginning in December 2027 and December 2028. 

Learn more about the ACA, including who must comply, standards and documentation requirements, and how Allyant supports ACA compliance.  

Background of the ACA 

The ACA takes a proactive approach. Instead of waiting for complaints, organizations are expected to build accessibility into how they design services, deliver communications, and purchase technology. 

Canada’s regulations under the ACA already require organizations to plan and report on accessibility. Newer updates add more explicit requirements for digital technologies (often described as the first major “digital accessibility” phase). 

Who Must Comply with the ACA and its Digital Accessibility Rules? 

The ACA applies to the federal public sector and to federally regulated organizations in Canada. That coverage is narrower than “all Canadian organizations,” so confirming whether your organization is federally regulated is a key first step. 

In this context, federally regulated generally means your organization operates in an industry or activity under federal jurisdiction (rather than provincial or territorial regulation). Many federally regulated organizations fall under the same jurisdictional umbrella used for federally regulated workplaces. 

Federally regulated organizations

Federally regulated organizations commonly include: 

  • Banks and authorized foreign banks. 
  • Telecommunications and broadcasting. 
  • Transportation that crosses provincial or international borders (air, rail, marine, interprovincial trucking/busing), plus related infrastructure. 
  • Postal and courier services. 
  • Many federal Crown corporations. 
  • The federal public sector (including federal departments and agencies). 
  • Businesses that are vital, essential, or integral to one of the earlier mentioned federally regulated activities. 

What about retail / commerce? 

Retail and general commerce are usually not federally regulated simply because they sell to the public. Most retailers are regulated at the provincial/territorial level. 

However, parts of a commerce ecosystem can be federally regulated when they operate as federal-jurisdiction industries—examples include banking/financial services, telecom, and interprovincial shipping/courier. 

What about healthcare services? 

Most healthcare service delivery (hospitals, clinics, providers) is typically regulated by provinces and territories, not the federal government—so it is often not federally regulated for ACA purposes. 

Healthcare may fall under ACA coverage when it is delivered by the federal public sector or by a federally regulated entity. 

A practical note for retail and healthcare organizations 

Even when ACA does not apply, retail and healthcare organizations may still have provincial accessibility obligations (and contractual or customer-driven requirements). Two common examples: 

  • Manitoba: Accessibility for Manitobans Act (AMA). 

If your organization operates across Canada, it’s common to have both federal and provincial accessibility considerations. 

Employee-count thresholds in the digital rules 

The government’s digital rules group federally regulated private-sector organizations by size: 

  • Large businesses: 500+ employees. 
  • Medium-sized businesses: 100–499 employees. 
  • Small businesses: 99 or fewer employees. 

Medium-sized businesses have fewer requirements than large businesses. Medium-sized businesses must: 

  • Ensure their new web pages conform to the ICT Standard.
  • Provide training to staff involved in developing, maintaining, or purchasing digital technologies. 
  • Meet the record retention requirements. 

However, medium-sized businesses are not subject to the digital rules for mobile applications, digital documents, procurement, or accessibility statements. 

Standards for ACA Digital Accessibility Compliance 

The ACA’s digital technology requirements reference CAN/ASC-EN 301 549 as the technical benchmark for accessible ICT. 

How CAN/ASC-EN 301 549 relates to EN 301 549 in Europe 

If your teams are already familiar with European Union (EU) accessibility frameworks, this should feel familiar: the Canadian standard is closely aligned with the EN 301 549 approach used across the EU ecosystem. 

How CAN/ASC-EN 301 549 relates to the Web Content Accessibility Guidelines (WCAG)

WCAG is a major part of the foundation, but ACA digital compliance is not “WCAG-only”: 

  • WCAG work covers a large portion of what EN 301 549 expects for web content. 
  • EN 301 549 is broader than WCAG and is designed to apply across ICT products and service, including expectations that show up in documents, software, and procurement.

In other words: WCAG conformance is often necessary, but ACA compliance usually requires a wider governance and procurement lens. 

ACA Reporting and Documentation Requirements

ACA compliance is more than fixing issues—it's also about demonstrating a repeatable program. 

Most covered organizations must: 

  • Publish an accessibility plan (what barriers you will address and how). 
  • Publish a feedback process (how people can submit accessibility feedback). 
  • Publish progress reports (what you’ve completed and what’s next). 
  • Notify the Accessibility Commissioner after publishing required materials. 
  • Ensure required publications are accessible and readable (including plain language expectations). 
  • Keep required records and be prepared to provide them during an inspection. 

Deadlines for ACA Digital Accessibility Compliance 

The digital technology requirements roll out in phases, with key milestones in December 2027 and December 2028, depending on organization type and size. Where medium-sized organizations are excluded (mobile, documents, procurement, statements), that’s intentional—those requirements apply to the federal public sector and/or large businesses. 

Web pages (public-facing and employee-facing): 

Requirements for new and updated web pages start: 

  • December 5, 2027 (federal public sector organizations). 
  • December 5, 2028 (large businesses).
  • December 5, 2028 (medium-sized businesses — web pages are the primary “digital content” requirement for medium-sized organizations). 

Mobile applications: 

Mobile app requirements begin December 5, 2028 for: 

  • Federal public sector organizations. 
  • Large businesses. 

Medium-sized businesses are not subject to the mobile application requirements. 

Digital documents: 

Digital document requirements begin December 5, 2028 for: 

  • Federal public sector organizations. 
  • Large businesses. 

Medium-sized businesses are not subject to the digital document requirements. 

Accessibility statements: 

Accessibility statement requirements begin: 

  • December 5, 2027 (federal public sector organizations — initially for websites, then expanding) 
  • December 5, 2028 (large businesses) 

Statements must be updated annually. 

Medium-sized businesses are not subject to the accessibility statement requirements under the new digital rules. 

Procurement checks: 

Procurement checks begin December 5, 2028 for: 

  • Federal public sector organizations. 
  • Large businesses. 

Medium-sized businesses are not subject to the digital procurement requirements. 

Training: 

Digital accessibility training requirements must be met by December 5, 2027 for: 

  • Federal public sector organizations. 
  • Large businesses. 
  • Medium-sized businesses. 

Training must be refreshed on a recurring basis (at least every three years). 

Record keeping and retention: 

Record retention requirements apply to: 

  • Federal public sector organizations. 
  • Large businesses. 
  • Medium-sized businesses. 

Retention expectations include keeping digital copies of required items (for example, training records and other required artifacts) for the specified retention period. 

Enforcement and Penalties 

ACA compliance is monitored and enforced through tools such as inspections, orders, and notices of violation. Penalties vary based on the type and severity of non-compliance and can be significant—up to $250,000 per violation in some circumstances. 

How Allyant Supports ACA-compliant Digital Communications 

Allyant provides targeted services that map directly to what organizations must operationalize under the ACA—especially in three areas that must be implemented, documented, and sustained over time. 

Comprehensive digital audits for websites and mobile apps: 

We perform in-depth accessibility audits of websites, web applications, and mobile apps against the ACA’s digital standard, combining automated and manual testing (including assistive technology). 

Deliverables typically include: 

  • Findings mapped to the relevant requirements. 
  • Clear remediation guidance prioritized by user impact and risk. 
  • Support for defensible documentation and repeatable validation workflows. 

Electronic document remediation services and tools: 

ACA digital rules explicitly bring digital documents into scope for covered organizations. Allyant helps you: 

  • Inventory and assess document libraries to identify what must be remediated. 
  • Remediate PDFs and other electronic documents for accessibility. 
  • Establish sustainable processes so new and updated documents don’t create recurring compliance debt. 

Procurement accessibility services, including VPAT testing services and third-party software assessments: 

The ACA digital rules introduce procurement checks for certain digital purchases. Allyant supports organizations by: 

  • Assessing third-party platforms and software for accessibility risk. 
  • Validating VPATs and separating “claims” from real user experience. 
  • Providing procurement language and evaluation processes that make accessibility measurable and enforceable. 

To better understand the ACA's compliance requirements, including whether they apply to your organization, engage our team today.  

Frequently Asked Questions

ACA obligations apply to the federal public sector and federally regulated organizations in Canada. If your organization operates in banking, telecom, interprovincial transportation/shipping, postal/courier, or other federal-jurisdiction industries, ACA coverage is more likely.

Most retailers are provincially regulated. But if you’re part of a federally regulated industry (for example, banking, telecom, or interprovincial shipping/courier), ACA obligations may apply.

Most healthcare service delivery is provincial/territorial. ACA obligations are most likely when healthcare is delivered by the federal public sector or by a federally regulated organization.

WCAG standards are a major part of the technical foundation, but ACA compliance typically requires a broader approach—especially for procurement, training, reporting, and recordkeeping.

Ready to Start Your Accessibility Journey?

We’re ready to help. Connect with our team to hear more about how Allyant’s suite of solutions can support your accessible document, digital, and print communications needs.

Get Started Today